New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gratuitous ARP is wrong #225

Closed
hannesm opened this Issue Jul 12, 2016 · 2 comments

Comments

Projects
None yet
2 participants
@hannesm
Member

hannesm commented Jul 12, 2016

RFC 5227, section 3 (https://tools.ietf.org/html/rfc5227#section-3) says it should be a ARP request with spa = tpa (mirage-tcpip uses a ARP reply with tpa = broadcast). Section 3 also makes it clear why an ARP reply is a bad idea. Related to mato/docker-unikernel-runner#1 (setting arp_accept (somewhere in proc on linux) to the bridge and sending an ARP request solves the issue (just verified with @mato)).

Discovered while reimplementing ARP (https://github.com/hannesm/arp - https://hannes.nqsb.io/Posts/ARP)

@yomimono

This comment has been minimized.

Member

yomimono commented Jul 12, 2016

Thanks for the report - we're indeed doing it pretty wrong. I'll fix this up.

@hannesm

This comment has been minimized.

Member

hannesm commented Jul 12, 2016

I'd guess a branch off 2.8.0 release with having only this fixed (and a 2.8.1 release) would make people, instead of waiting till master is in a state to be released (which requires new mirage-types release)....

yomimono added a commit to yomimono/mirage-tcpip that referenced this issue Jul 15, 2016

process incoming ARPs & construct GARPs per RFC 826.
Per RFC 826, don't look at the `op` field of the packet before deciding
whether to use it to update the cache.  Also, construct gratuitous ARP
packets as Requests, not Replies, and set the destination host address
to the source host address.  This fixes mirage#225.

yomimono added a commit to yomimono/mirage-tcpip that referenced this issue Jul 15, 2016

process incoming ARPs & construct GARPs per RFC 826.
Per RFC 826, don't look at the `op` field of the packet before deciding
whether to use it to update the cache.  Also, construct gratuitous ARP
packets as Requests, not Replies, and set the destination host address
to the source host address.  This fixes mirage#225.

yomimono added a commit to yomimono/mirage-tcpip that referenced this issue Jul 15, 2016

process incoming ARPs & construct GARPs per RFC 826.
Per RFC 826, don't look at the `op` field of the packet before deciding
whether to use it to update the cache.  Also, construct gratuitous ARP
packets as Requests, not Replies, and set the destination host address
to the source host address.  This fixes mirage#225.

mato added a commit to mato/docker-unikernel-runner that referenced this issue Aug 10, 2016

Switch to mirage-dev remote for unikernel containers
This pulls in the GARP fix from mirage/mirage-tcpip#225 which helps with
 #1, and no longer uses the solo5/opam-solo5 remote for Solo5.

Further net.ipv4.conf.docker0.arp_accept is set to 1 for Travis which
should make the tests run more reliably.

samoht pushed a commit to samoht/mirage-tcpip that referenced this issue Apr 4, 2017

process incoming ARPs & construct GARPs per RFC 826.
Per RFC 826, don't look at the `op` field of the packet before deciding
whether to use it to update the cache.  Also, construct gratuitous ARP
packets as Requests, not Replies, and set the destination host address
to the source host address.  This fixes mirage#225.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment